The default name of the web page the allows a web site administrator to log in to the dashboard and update a web site powered by WordPress.

URLs like http://example.com/wp-login.php are a favourite target for brute-force attacks that try to break into WordPress-powered web sites by guessing the admin username and password. If successful, the attacker could then publish their own content on the site or modify the existing content.